Configuration Support for External Client Access

Jive
optionally supports access to the community from several kinds of clients. This topic
describes how to ensure that these connections are secure.

The following clients might need secure access setup:

Mobile devices. Jive supports browser-based access using a range of mobile
devices. See the Jive Mobile documentation for more information.

Bridged instances. Using a bridge, you can connect two Jive communities together. Through this bridge, people in
one community (who are members the bridged communities) can see activity from
the bridged communities. It's possible that the bridge might cross network
boundaries.

An add-in within Microsoft Office. Jive offers the Jive Desktop Office add-in through which people can upload
and synchronize Office documents while working within the Office application on
their desktop.

Features designed to help you ensure secure access include:

URL conventions that you can use to filter requests. See below for more on
these.

Web Services are automatically enabled.

URL Conventions

Each of the client types listed above requires access to the community in order to
exchange data about content, people, and activity. Each communicates with the
community using Representational State Transfer
(REST) web services. To help you secure that access, Jive uses a URL
convention that you can use to filter requests so that only those relevant to the
services you've supported are allowed. Each client uses a different base URL to make
requests.

Each REST URL for the clients listed begins with __services and is
followed by a convention specific to the client type, i.e., /mobile,
/bridging, and /office.
Using this convention you can filter access to permit valid requests. For example,
imagine that you want to allow a bridge from a public community outside your
firewall to a private community that's inside it. You could create a filter that
permits URLs of the form /__services/bridging/**. Depending on your
network topology and conventions, you could permit these URLs through your firewall,
or you could set up a reverse proxy that would forward requests made to these URLs.

The following table lists base URLs for each client type:

Client

Base URL

Notes

iPhone

/__services/mobile/v1/

Services can be enabled or disabled in the Admin Console. Only
applies to Jive versions 4.5.5 and earlier.

Bridged instance

/__services/bridging/

Services can be enabled or disabled in the Admin Console.

Jive Desktop Office add-in

/__services/office/

Services can not be disabled via the console if the feature is
installed.

Security for Client Requests

You can enable Secure Sockets Layer (SSL) for each type of client, although how you
do so varies among the clients.

The following table describes how SSL is enabled for each client type:

Client

SSL Handling

iPhone

You can force SSL specifically for the iPhone from the admin
console as described in the 5.0 help topic Setting Access for Web Service Clients.
(Web Services are automatically enabled in versions 6.0 and higher). Note that if
you'll be using SSL to secure iPhone access, your certificate must
be valid. For example, it must be created by a trusted authority
such as Verisign, rather than self-created. Only applies to Jive versions 4.5.5 and earlier.